diff --git a/content/manuals/desktop/troubleshoot-and-support/support.md b/content/manuals/desktop/troubleshoot-and-support/support.md index 1608d0577aa2..ebdc7372968c 100644 --- a/content/manuals/desktop/troubleshoot-and-support/support.md +++ b/content/manuals/desktop/troubleshoot-and-support/support.md 
@@ -4,29 +4,45 @@ keywords: Support, Docker Desktop, Linux, Mac, Windows title: Get support for Docker Desktop weight: 20 aliases: - - /desktop/support/ - - /support/ + - /desktop/support/ + - /support/ --- > [!NOTE] -> +> > Docker Desktop offers support for developers with a [Pro, Team, or Business subscription](https://www.docker.com/pricing?utm_source=docker&utm_medium=webreferral&utm_campaign=docs_driven_upgrade_desktop_support). -### How do I get Docker Desktop support? +## Support options -> [!TIP] -> -> Before reaching out for support, follow the appropriate [Diagnose steps](/manuals/desktop/troubleshoot-and-support/troubleshoot/_index.md#diagnose) in the troubleshooting documentation. +All Docker Pro, Team, and Business subscribers receive email support for Docker Desktop, including help with account management, billing, configuration, installation, and usage issues. -If you have a paid Docker subscription, you can [contact the Support team](https://hub.docker.com/support/contact/). +Support response times and availability vary by subscription tier: + +- **Docker Pro**: 3 business day response +- **Docker Team**: 2 business day response, 24×5 availability +- **Docker Business**: 1 business day response, 24×5 availability + +Premium Support with faster response times and 24×7 availability is available as an add-on for Docker Business subscribers. + +For detailed support features and response times, see [Docker Pricing](https://www.docker.com/pricing/). + +### Community support -All Docker users can seek support through the following resources, where Docker or the community respond on a best effort basis. 
-- [Docker Desktop for Windows GitHub repo](https://github.com/docker/for-win) +All Docker users can seek support through the following resources, where Docker or the community respond on a best effort basis: + +- [Docker Desktop for Windows GitHub repo](https://github.com/docker/for-win) - [Docker Desktop for Mac GitHub repo](https://github.com/docker/for-mac) - [Docker Desktop for Linux GitHub repo](https://github.com/docker/desktop-linux) - [Docker Community Forums](https://forums.docker.com/) - [Docker Community Slack](http://dockr.ly/comm-slack) +## How do I get Docker Desktop support? + +> [!TIP] +> +> Before reaching out for support, follow the appropriate [Diagnose steps](/manuals/desktop/troubleshoot-and-support/troubleshoot/_index.md#diagnose) in the troubleshooting documentation. + +If you have a paid Docker subscription, you can [contact the Support team](https://hub.docker.com/support/contact/). ### What support can I get? @@ -36,16 +52,17 @@ All Docker users can seek support through the following resources, where Docker - Billing or subscription issues - Configuration issues - Desktop installation issues - - Installation crashes - - Failure to launch Docker Desktop on first run + - Installation crashes + - Failure to launch Docker Desktop on first run - Desktop update issues - Sign-in issues in both the command line interface and Docker Hub user interface - Push or pull issues, including rate limiting - Usage issues - - Crash closing software - - Docker Desktop not behaving as expected + - Crash closing software + - Docker Desktop not behaving as expected For Windows users, you can also request support on: + - Turning on virtualization in BIOS - Turning on Windows features - Running inside [certain VM or VDI environments](/manuals/desktop/setup/vm-vdi.md) (Docker Business customers only) 
@@ -87,7 +104,7 @@ For Pro and Team customers, Docker only offers support for the latest version of As a Pro user you can get support for Docker Desktop on a single machine. As a Team, you can get support for Docker Desktop for the number of machines equal to the number of seats as part of your subscription. -### What OS’s are supported? +### What operating systems are supported? Docker Desktop is available for Mac, Linux, and Windows. The supported version information can be found on the following pages: diff --git a/content/manuals/enterprise/security/provisioning/scim.md b/content/manuals/enterprise/security/provisioning/scim.md index 215bf0cade22..330b148a98ea 100644 --- a/content/manuals/enterprise/security/provisioning/scim.md +++ b/content/manuals/enterprise/security/provisioning/scim.md @@ -12,9 +12,13 @@ weight: 20 {{< summary-bar feature_name="SSO" >}} -Automate user management for your Docker organization using System for Cross-domain Identity Management (SCIM). SCIM automatically provisions and de-provisions users, synchronizes team memberships, and keeps your Docker organization in sync with your identity provider. +Automate user management for your Docker organization using System for +Cross-domain Identity Management (SCIM). SCIM automatically provisions and +de-provisions users, synchronizes team memberships, and keeps your Docker +organization in sync with your identity provider. -This page shows you how to automate user provisioning and de-provisioning for Docker using SCIM. +This page shows you how to automate user provisioning and de-provisioning for +Docker using SCIM. ## Prerequisites 
@@ -27,13 +31,14 @@ Before you begin, you must have: SCIM automates user provisioning and de-provisioning for Docker through your identity provider. After you enable SCIM, any user assigned to your -Docker application in your identity provider is automatically provisioned and added to your -Docker organization. When a user is removed from the Docker application in your -identity provider, SCIM deactivates and removes them from your Docker organization. +Docker application in your identity provider is automatically provisioned and +added to your Docker organization. When a user is removed from the Docker +application in your identity provider, SCIM deactivates and removes them from +your Docker organization. In addition to provisioning and removal, SCIM also syncs profile updates like -name changes made in your identity provider. You can use SCIM alongside Docker's default -Just-in-Time (JIT) provisioning or on its own with JIT disabled. +name changes made in your identity provider. You can use SCIM alongside Docker's +default Just-in-Time (JIT) provisioning or on its own with JIT disabled. SCIM automates: @@ -45,37 +50,43 @@ SCIM automates: > [!NOTE] > -> SCIM only manages users provisioned through your identity provider after SCIM is enabled. It cannot remove users who were manually added to your Docker organization before SCIM was set up. ->

+> SCIM only manages users provisioned through your identity provider after +> SCIM is enabled. It cannot remove users who were manually added to your Docker +> organization before SCIM was set up. +> > To remove those users, delete them manually from your Docker organization. -For more information, see [Manage organization members](/manuals/admin/organization/members.md). +> For more information, see +> [Manage organization members](/manuals/admin/organization/members.md). ## Supported attributes SCIM uses attributes (name, email, etc.) to sync user information between your -identity provider and Docker. Properly mapping these attributes in your identity provider ensures that user provisioning works smoothly and prevents issues like duplicate user accounts +identity provider and Docker. Properly mapping these attributes in your identity +provider ensures that user provisioning works smoothly and prevents issues like +duplicate user accounts when using single sign-on. Docker supports the following SCIM attributes: -| Attribute | Description | -|:---------------------------------------------------------------|:-------------------------------------------------------------------------------------------| -| `userName` | User’s primary email address, used as the unique identifier | -| `name.givenName` | User’s first name | -| `name.familyName` | User’s surname | -| `active` | Indicates if a user is enabled or disabled, set to “false” to de-provision a user | +| Attribute | Description | +| :---------------- | :-------------------------------------------------------------------------------- | +| `userName` | User's primary email address, used as the unique identifier | +| `name.givenName` | User's first name | +| `name.familyName` | User's surname | +| `active` | Indicates if a user is enabled or disabled, set to "false" to de-provision a user | -For additional details about supported attributes and SCIM, see [Docker Hub API SCIM 
reference](/reference/api/hub/latest/#tag/scim). +For additional details about supported attributes and SCIM, see +[Docker Hub API SCIM reference](/reference/api/hub/latest/#tag/scim). > [!IMPORTANT] > > By default, Docker uses Just-in-Time (JIT) provisioning for SSO. If SCIM is -enabled, JIT values still take precedence and will overwrite attribute values -set by SCIM. To avoid conflicts, make sure your JIT attribute values match your -SCIM values. ->

+> enabled, JIT values still take precedence and will overwrite attribute values +> set by SCIM. To avoid conflicts, make sure your JIT attribute values match +> your SCIM values. +> > Alternatively, you can disable JIT provisioning to rely solely on SCIM. -For details, see [Just-in-Time](just-in-time.md). +> For details, see [Just-in-Time](just-in-time.md). ## Enable SCIM in Docker @@ -83,12 +94,17 @@ To enable SCIM: 1. Sign in to [Docker Home](https://app.docker.com). 1. Select **Admin Console**, then **SSO and SCIM**. -1. In the **SSO connections** table, select the **Actions** icon for your connection, then select **Setup SCIM**. -1. Copy the **SCIM Base URL** and **API Token** and paste the values into your IdP. +1. In the **SSO connections** table, select the **Actions** icon for your + connection, then select **Setup SCIM**. +1. Copy the **SCIM Base URL** and **API Token** and paste the values into your + IdP. ## Enable SCIM in your IdP -The user interface for your identity provider may differ slightly from the following steps. You can refer to the documentation for your identity provider to verify. For additional details, see the documentation for your identity provider: +The user interface for your identity provider may differ slightly from the +following steps. You can refer to the documentation for your identity provider +to verify. For additional details, see the documentation for your identity +provider: - [Okta](https://help.okta.com/en-us/Content/Topics/Apps/Apps_App_Integration_Wizard_SCIM.htm) - [Entra ID/Azure AD SAML 2.0](https://learn.microsoft.com/en-us/azure/active-directory/app-provisioning/user-provisioning) 
@@ -96,9 +112,9 @@ The user interface for your identity provider may differ slightly from the follo > [!NOTE] > > Microsoft does not currently support SCIM and OIDC in the same non-gallery -application in Entra ID. This page provides a verified workaround using a -separate non-gallery app for SCIM provisioning. While Microsoft does not -officially document this setup, it is widely used and supported in practice. +> application in Entra ID. This page provides a verified workaround using a +> separate non-gallery app for SCIM provisioning. While Microsoft does not +> officially document this setup, it is widely used and supported in practice. {{< tabs >}} {{< tab name="Okta" >}} 
@@ -107,15 +123,19 @@ officially document this setup, it is widely used and supported in practice. 1. Sign in to Okta and select **Admin** to open the admin portal. 1. Open the application you created when you configured your SSO connection. -1. On the application page, select the **General** tab, then **Edit App Settings**. +1. On the application page, select the **General** tab, then + **Edit App Settings**. 1. Enable SCIM provisioning, then select **Save**. 1. Navigate to the **Provisioning**, then select **Edit SCIM Connection**. -1. To configure SCIM in Okta, set up your connection using the following values and settings: - - SCIM Base URL: SCIM connector base URL (copied from Docker Home) - - Unique identifier field for users: `email` - - Supported provisioning actions: **Push New Users** and **Push Profile Updates** - - Authentication Mode: HTTP Header - - SCIM Bearer Token: HTTP Header Authorization Bearer Token (copied from Docker Home) +1. To configure SCIM in Okta, set up your connection using the following + values and settings: + - SCIM Base URL: SCIM connector base URL (copied from Docker Home) + - Unique identifier field for users: `email` + - Supported provisioning actions: **Push New Users** and + **Push Profile Updates** + - Authentication Mode: HTTP Header + - SCIM Bearer Token: HTTP Header Authorization Bearer Token + (copied from Docker Home) 1. Select **Test Connector Configuration**. 1. Review the test results and select **Save**. @@ -126,10 +146,10 @@ officially document this setup, it is widely used and supported in practice. 1. Enable **Create Users**, **Update User Attributes**, and **Deactivate Users**. 1. Select **Save**. 1. Remove unnecessary mappings. The necessary mappings are: - - Username - - Given name - - Family name - - Email + - Username + - Given name + - Family name + - Email Next, [set up role mapping](#set-up-role-mapping). 
@@ -142,10 +162,11 @@ provisioning. ### Step one: Create a separate SCIM app -1. In the Azure Portal, go to **Microsoft Entra ID** > **Enterprise Applications** > -**New application**. +1. In the Azure Portal, go to **Microsoft Entra ID** > + **Enterprise Applications** > **New application**. 1. Select **Create your own application**. -1. Name your application and choose **Integrate any other application you don't find in the gallery**. +1. Name your application and choose + **Integrate any other application you don't find in the gallery**. 1. Select **Create**. ### Step two: Configure SCIM provisioning @@ -153,8 +174,8 @@ provisioning. 1. In your new SCIM application, go to **Provisioning** > **Get started**. 1. Set **Provisioning Mode** to **Automatic**. 1. Under **Admin Credentials**: - - **Tenant URL**: Paste the **SCIM Base URL** from Docker Home. - - **Secret Token**: Paste the **SCIM API token** from Docker Home. + - **Tenant URL**: Paste the **SCIM Base URL** from Docker Home. + - **Secret Token**: Paste the **SCIM API token** from Docker Home. 1. Select **Test Connection** to verify. 1. Select **Save** to store credentials. @@ -163,13 +184,13 @@ Next, [set up role mapping](#set-up-role-mapping). {{< /tab >}} {{< tab name="Entra ID (SAML 2.0)" >}} -1. In the Azure Portal, go to **Microsoft Entra ID** > **Enterprise Applications**, -and select your Docker SAML app. +1. In the Azure Portal, go to **Microsoft Entra ID** > + **Enterprise Applications**, and select your Docker SAML app. 1. Select **Provisioning** > **Get started**. 1. Set **Provisioning Mode** to **Automatic**. 1. Under **Admin Credentials**: - - **Tenant URL**: Paste the **SCIM Base URL** from Docker Home. - - **Secret Token**: Paste the **SCIM API token** from Docker Home. + - **Tenant URL**: Paste the **SCIM Base URL** from Docker Home. + - **Secret Token**: Paste the **SCIM API token** from Docker Home. 1. Select **Test Connection** to verify. 1. Select **Save** to store credentials. 
@@ -187,16 +208,16 @@ default role and team values set in your SSO configuration. > [!NOTE] > > Role mappings are supported for both SCIM and Just-in-Time (JIT) -provisioning. For JIT, role mapping applies only when the user is first -provisioned. +> provisioning. For JIT, role mapping applies only when the user is first +> provisioned. The following table lists the supported optional user-level attributes: -| Attribute | Possible values | Notes | -| --------- | ------------------ | -------------- | -| `dockerRole` | `member`, `editor`, or `owner` | If not set, the user defaults to the `member` role. Setting this attribute overrides the default.

For role definitions, see [Roles and permissions](../roles-and-permissions.md). | -| `dockerOrg` | Docker `organizationName` (e.g., `moby`) | Overrides the default organization configured in your SSO connection.

If unset, the user is provisioned to the default organization. If `dockerOrg` and `dockerTeam` are both set, the user is provisioned to the team within the specified organization. | -| `dockerTeam` | Docker `teamName` (e.g., `developers`) | Provisions the user to the specified team in the default or specified organization. If the team doesn't exist, it is automatically created.

You can still use [group mapping](group-mapping.md) to assign users to multiple teams across organizations. | +| Attribute | Possible values | Notes | +| ------------ | ---------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `dockerRole` | `member`, `editor`, or `owner` | If not set, the user defaults to the `member` role. Setting this attribute overrides the default.

For role definitions, see [Roles and permissions](../roles-and-permissions.md). | +| `dockerOrg` | Docker `organizationName` (e.g., `moby`) | Overrides the default organization configured in your SSO connection.

If unset, the user is provisioned to the default organization. If `dockerOrg` and `dockerTeam` are both set, the user is provisioned to the team within the specified organization. | +| `dockerTeam` | Docker `teamName` (e.g., `developers`) | Provisions the user to the specified team in the default or specified organization. If the team doesn't exist, it is automatically created.

You can still use [group mapping](group-mapping.md) to assign users to multiple teams across organizations. | The external namespace used for these attributes is: `urn:ietf:params:scim:schemas:extension:docker:2.0:User`. This value is required in your identity provider when creating custom SCIM attributes for Docker. 
@@ -207,17 +228,26 @@ This value is required in your identity provider when creating custom SCIM attri ### Step one: Set up role mapping in Okta 1. Setup [SSO](../single-sign-on/configure/_index.md) and SCIM first. -1. In the Okta admin portal, go to **Directory**, select **Profile Editor**, and then **User (Default)**. -1. Select **Add Attribute** and configure the values for the role, organization, or team you want to add. Exact naming isn't required. +1. In the Okta admin portal, go to **Directory**, select **Profile Editor**, + and then **User (Default)**. +1. Select **Add Attribute** and configure the values for the role, organization, + or team you want to add. Exact naming isn't required. 1. Return to the **Profile Editor** and select your application. -1. Select **Add Attribute** and enter the required values. The **External Name** and **External Namespace** must be exact. - - The external name values for organization/team/role mapping are `dockerOrg`, `dockerTeam`, and `dockerRole` respectively, as listed in the previous table. - - The external namespace is the same for all of them: `urn:ietf:params:scim:schemas:extension:docker:2.0:User`. -1. After creating the attributes, navigate to the top of the page and select **Mappings**, then **Okta User to YOUR APP**. -1. Go to the newly created attributes and map the variable names to the external names, then select **Save Mappings**. If you’re using JIT provisioning, continue to the following steps. +1. Select **Add Attribute** and enter the required values. The **External Name** + and **External Namespace** must be exact. + - The external name values for organization/team/role mapping are + `dockerOrg`, `dockerTeam`, and `dockerRole` respectively, as listed in the previous table. + - The external namespace is the same for all of them: + `urn:ietf:params:scim:schemas:extension:docker:2.0:User`. +1. 
After creating the attributes, navigate to the top of the page and select + **Mappings**, then **Okta User to YOUR APP**. +1. Go to the newly created attributes and map the variable names to the external + names, then select **Save Mappings**. If you're using JIT provisioning, continue + to the following steps. 1. Navigate to **Applications** and select **YOUR APP**. 1. Select **General**, then **SAML Settings**, and **Edit**. -1. Select **Step 2** and configure the mapping from the user attribute to the Docker variables. +1. Select **Step 2** and configure the mapping from the user attribute to the + Docker variables. ### Step two: Assign roles by user @@ -232,7 +262,8 @@ This value is required in your identity provider when creating custom SCIM attri 1. Open **YOUR APPLICATION** and select the **Edit** icon. 1. Update the attributes to the desired values. -If a user doesn't already have attributes set up, users who are added to the group will inherit these attributes upon provisioning. +If a user doesn't already have attributes set up, users who are added to the +group will inherit these attributes upon provisioning. {{< /tab >}} {{< tab name="Entra ID/Azure AD (SAML 2.0 and OIDC)" >}} 
@@ -240,24 +271,25 @@ If a user doesn't already have attributes set up, users who are added to the gro ### Step one: Configure attribute mappings 1. Complete the [SCIM provisioning setup](#enable-scim-in-docker). -1. In the Azure Portal, open **Microsoft Entra ID** > **Enterprise Applications**, -and select your SCIM application. -1. Go to **Provisioning** > **Mappings** > **Provision Azure Active Directory Users**. +1. In the Azure Portal, open **Microsoft Entra ID** > + **Enterprise Applications**, and select your SCIM application. +1. Go to **Provisioning** > **Mappings** > + **Provision Azure Active Directory Users**. 1. Add or update the following mappings: - - `userPrincipalName` -> `userName` - - `mail` -> `emails.value` - - Optional. Map `dockerRole`, `dockerOrg`, or `dockerTeam` using one of the - [mapping methods](#step-two-choose-a-role-mapping-method). + - `userPrincipalName` -> `userName` + - `mail` -> `emails.value` + - Optional. Map `dockerRole`, `dockerOrg`, or `dockerTeam` using one of the + [mapping methods](#step-two-choose-a-role-mapping-method). 1. Remove any unsupported attributes to prevent sync errors. 1. Optional. Go to **Mappings** > **Provision Azure Active Directory Groups**: - - If group provisioning causes errors, set **Enabled** to **No**. - - If enabling, test group mappings carefully. + - If group provisioning causes errors, set **Enabled** to **No**. + - If enabling, test group mappings carefully. 1. Select **Save** to apply mappings. ### Step two: Choose a role mapping method -You can map `dockerRole`, `dockerOrg`, or `dockerTeam` using one of the following -methods: +You can map `dockerRole`, `dockerOrg`, or `dockerTeam` using one of the +following methods: #### Expression mapping 
@@ -266,33 +298,35 @@ or `owner`. 1. In the **Edit Attribute** view, set the mapping type to **Expression**. 1. In the **Expression** field: - 1. If your App Roles match Docker roles exactly, use: SingleAppRoleAssignment([appRoleAssignments]) - 1. If they don't match, use a switch expression: `Switch(SingleAppRoleAssignment([appRoleAssignments]), "My Corp Admins", "owner", "My Corp Editors", "editor", "My Corp Users", "member")` + 1. If your App Roles match Docker roles exactly, use: + SingleAppRoleAssignment([appRoleAssignments]) + 1. If they don't match, use a switch expression: `Switch(SingleAppRoleAssignment([appRoleAssignments]), "My Corp Admins", "owner", "My Corp Editors", "editor", "My Corp Users", "member")` 1. Set: - - **Target attribute**: `urn:ietf:params:scim:schemas:extension:docker:2.0:User:dockerRole` - - **Match objects using this attribute**: No - - **Apply this mapping**: Always + - **Target attribute**: `urn:ietf:params:scim:schemas:extension:docker:2.0:User:dockerRole` + - **Match objects using this attribute**: No + - **Apply this mapping**: Always 1. Save your changes. > [!WARNING] > > You can't use `dockerOrg` or `dockerTeam` with this method. Expression mapping -is only compatible with one attribute. +> is only compatible with one attribute. #### Direct mapping Use this method if you need to map multiple attributes (`dockerRole` + `dockerTeam`). -1. For each Docker attribute, choose a unique Entra extension attribute (`extensionAttribute1`, `extensionAttribute2`, etc.). +1. For each Docker attribute, choose a unique Entra extension attribute + (`extensionAttribute1`, `extensionAttribute2`, etc.). 1. In the **Edit Attribute** view: - - Set mapping type to **Direct**. - - Set **Source attribute** to your selected extension attribute. 
- - Set **Target attribute** to one of: - - `dockerRole: urn:ietf:params:scim:schemas:extension:docker:2.0:User:dockerRole` - - `dockerOrg: urn:ietf:params:scim:schemas:extension:docker:2.0:User:dockerOrg` - - `dockerTeam: urn:ietf:params:scim:schemas:extension:docker:2.0:User:dockerTeam` - - Set **Apply this mapping** to **Always**. + - Set mapping type to **Direct**. + - Set **Source attribute** to your selected extension attribute. + - Set **Target attribute** to one of: + - `dockerRole: urn:ietf:params:scim:schemas:extension:docker:2.0:User:dockerRole` + - `dockerOrg: urn:ietf:params:scim:schemas:extension:docker:2.0:User:dockerOrg` + - `dockerTeam: urn:ietf:params:scim:schemas:extension:docker:2.0:User:dockerTeam` + - Set **Apply this mapping** to **Always**. 1. Save your changes. To assign values, you'll need to use the Microsoft Graph API. @@ -314,7 +348,7 @@ If you're using expression mapping: If you're using direct mapping: 1. Go to [Microsoft Graph Explorer](https://developer.microsoft.com/en-us/graph/graph-explorer) -and sign in as a tenant admin. + and sign in as a tenant admin. 1. Use Microsoft Graph API to assign attribute values. Example PATCH request: ```bash 
@@ -351,27 +385,200 @@ After completing role mapping, you can test the configuration manually. 1. Select a user you've assigned to your SCIM application. 1. Select **Provision User**. 1. Wait a few seconds, then check the Docker -[Admin Console](https://app.docker.com/admin) under **Members**. -1. If the user doesn’t appear, review logs in **Reports > System Log** and -confirm SCIM settings in the app. + [Admin Console](https://app.docker.com/admin) under **Members**. +1. If the user doesn't appear, review logs in **Reports > System Log** and + confirm SCIM settings in the app. {{< /tab >}} {{< tab name="Entra ID/Azure AD (OIDC and SAML 2.0)" >}} 1. In the Azure Portal, go to **Microsoft Entra ID** > **Enterprise Applications**, -and select your SCIM app. + and select your SCIM app. 1. Go to **Provisioning** > **Provision on demand**. 1. Select a user or group and choose **Provision**. 1. Confirm that the user appears in the Docker -[Admin Console](https://app.docker.com/admin) under **Members**. + [Admin Console](https://app.docker.com/admin) under **Members**. 1. If needed, check **Provisioning logs** for errors. {{< /tab >}} {{< /tabs >}} +## Migrate existing JIT users to SCIM + +If you already have users provisioned through Just-in-Time (JIT) and want to +enable full SCIM lifecycle management, you need to migrate them. Users +originally created by JIT cannot be automatically de-provisioned through SCIM, +even after SCIM is enabled. + +### Why migrate + +Organizations using JIT provisioning may encounter limitations with user +lifecycle management, particularly around de-provisioning. Migrating to SCIM +provides: + +- Automatic user de-provisioning when users leave your organization. This is + the primary benefit for large organizations that need full automation. 
+- Continuous synchronization of user attributes +- Centralized user management through your identity provider +- Enhanced security through automated access control + +> [!IMPORTANT] +> +> Users originally created through JIT provisioning cannot be automatically +> de-provisioned by SCIM, even after SCIM is enabled. To enable full lifecycle +> management including automatic de-provisioning through your identity provider, +> you must manually remove these users so SCIM can re-create them with proper +> lifecycle management capabilities. + +This migration is most critical for larger organizations that require fully +automated user de-provisioning when employees leave the company. + +### Prerequisites for migration + +Before migrating, ensure you have: + +- SCIM configured and tested in your organization +- A maintenance window for the migration + +> [!WARNING] +> +> This migration temporarily disrupts user access. Plan to perform this +> migration during a low-usage window and communicate the timeline to affected +> users. + +### Prepare for migration + +#### Transfer ownership + +Before removing users, ensure that any repositories, teams, or organization +resources they own are transferred to another administrator or service account. +When a user is removed from the organization, any resources they own may +become inaccessible. + +1. Review repositories, organization resources, and team ownership for affected + users. +2. Transfer ownership to another administrator. + +> [!WARNING] +> +> If ownership is not transferred, repositories owned by removed users may +> become inaccessible when the user is removed. Ensure all critical resources +> are transferred before proceeding. + +#### Verify identity provider configuration + +1. Confirm all JIT-provisioned users are assigned to the Docker application in + your identity provider. +2. Verify identity provider group to Docker team mappings are configured and + tested. 
+ +Users not assigned to the Docker application in your identity provider are not +re-created by SCIM after removal. + +#### Export user records + +Export a list of JIT-provisioned users from Docker Admin Console: + +1. Sign in to [Docker Home](https://app.docker.com) and select your + organization. +2. Select **Admin Console**, then **Members**. +3. Select **Export members** to download the member list as CSV for backup and + reference. + +Keep this CSV list of JIT-provisioned users as a rollback reference if needed. + +### Complete the migration + +#### Disable JIT provisioning + +> [!IMPORTANT] +> +> Before disabling JIT, ensure SCIM is fully configured and tested in your +> organization. Do not disable JIT until you have verified SCIM is working +> correctly. + +1. Sign in to [Docker Home](https://app.docker.com) and select your organization. +2. Select **Admin Console**, then **SSO and SCIM**. +3. In the SSO connections table, select the **Actions** menu for your connection. +4. Select **Disable JIT provisioning**. +5. Select **Disable** to confirm. + +Disabling JIT prevents new users from being automatically added through SSO +during the migration. + +#### Remove JIT-origin users + +> [!IMPORTANT] +> +> Users originally created through JIT provisioning cannot be automatically +> de-provisioned by SCIM, even after SCIM is enabled. To enable full lifecycle +> management including automatic de-provisioning through your identity provider, +> you must manually remove these users so SCIM can re-create them with proper +> lifecycle management capabilities. + +This step is most critical for large organizations that require fully automated +user de-provisioning when employees leave the company. + +1. Sign in to [Docker Home](https://app.docker.com) and select your organization. +2. Select **Admin Console**, then **Members**. +3. Identify and remove JIT-provisioned users in manageable batches. +4. Monitor for any errors during removal. 
+ +> [!TIP] +> +> To efficiently identify JIT users, compare the member list exported before +> SCIM was enabled with the current member list. Users who existed before SCIM +> was enabled were likely provisioned via JIT. + +#### Verify SCIM re-provisioning + +After removing JIT users, SCIM automatically re-creates user accounts: + +1. In your identity provider system log, confirm "create app user" events for + Docker. +2. In Docker Admin Console, confirm users reappear with SCIM provisioning. +3. Verify users are added to the correct teams via group mapping. + +#### Validate user access + +Perform post-migration validation: + +1. Select a subset of migrated users to test sign-in and access. +2. Verify team membership matches identity provider group assignments. +3. Confirm repository access is restored. +4. Test that de-provisioning works correctly by removing a test user from your + identity provider. + +Keep audit exports and logs for compliance purposes. + +### Migration results + +After completing the migration: + +- All users in your organization are SCIM-provisioned +- User de-provisioning works reliably through your identity provider +- No new JIT users are created +- Consistent identity lifecycle management is maintained + +### Troubleshoot migration issues + +If a user fails to reappear after removal: + +1. Check that the user is assigned to the Docker application in your identity + provider. +2. Verify SCIM is enabled in both Docker and your identity provider. +3. Trigger a manual SCIM sync in your identity provider. +4. Check provisioning logs in your identity provider for errors. + +For more troubleshooting guidance, see +[Troubleshoot provisioning](/manuals/enterprise/troubleshoot/troubleshoot-provisioning.md). + ## Disable SCIM -If SCIM is disabled, any user provisioned through SCIM will remain in the organization. Future changes for your users will not sync from your IdP. 
User de-provisioning is only possible when manually removing the user from the organization. +If SCIM is disabled, any user provisioned through SCIM will remain in the +organization. Future changes for your users will not sync from your IdP. +User de-provisioning is only possible when manually removing the user from the +organization. To disable SCIM: @@ -380,7 +587,6 @@ To disable SCIM: 1. In the **SSO connections** table, select the **Actions** icon. 1. Select **Disable SCIM**. - ## Next steps - Set up [Group mapping](/manuals/enterprise/security/provisioning/group-mapping.md). diff --git a/content/manuals/subscription/details.md b/content/manuals/subscription/details.md index d9d95c5cb696..928c3a67d655 100644 --- a/content/manuals/subscription/details.md +++ b/content/manuals/subscription/details.md @@ -4,7 +4,7 @@ linkTitle: Subscriptions and features description: Learn about Docker subscription tiers and their key features keywords: subscription, personal, pro, team, business, features, docker subscription aliases: -- /subscription/core-subscription/details/ + - /subscription/core-subscription/details/ weight: 10 --- @@ -64,7 +64,7 @@ Docker Pro includes: - Full access to all Docker tools - 200 Docker Build Cloud minutes per month, Docker Build Cloud minutes do not -rollover month to month + rollover month to month - 2 Docker Scout repositories with vulnerability analysis - 100 Testcontainers Cloud runtime minutes per month, Testcontainers Cloud runtime minutes do not rollover month to month - No Docker Hub pull rate limits 
@@ -79,12 +79,12 @@ Pricing](https://www.docker.com/pricing/). Docker Team includes: - 500 Docker Build Cloud minutes per month, Docker Build Cloud minutes do not -rollover month to month + rollover month to month - Unlimited Docker Scout repositories with vulnerability analysis - 500 Testcontainers Cloud runtime minutes per month, Testcontainers Cloud runtime minutes do not rollover month to month - No Docker Hub pull rate limits - Advanced collaboration tools including organization management, [Role Based Access Control -(RBAC)](/security/for-admins/roles-and-permissions/), [activity logs](/admin/organization/activity-logs/), and more + (RBAC)](/security/for-admins/roles-and-permissions/), [activity logs](/admin/organization/activity-logs/), and more For a list of features available in each tier, see [Docker Pricing](https://www.docker.com/pricing/). 
@@ -96,22 +96,22 @@ Pricing](https://www.docker.com/pricing/). Docker Business includes: - 1500 Docker Build Cloud minutes per month, Docker Build Cloud minutes do not -rollover month to month + rollover month to month - Unlimited Docker Scout repositories with vulnerability analysis - 1500 Testcontainers Cloud runtime minutes per month, Testcontainers Cloud runtime minutes do not rollover month to month - No Docker Hub pull rate limits - Enterprise security features: - [Hardened Docker Desktop](/manuals/enterprise/security/hardened-desktop/_index.md) - [Image Access - Management](/manuals/enterprise/security/hardened-desktop/image-access-management.md) - which lets admins control what content developers can access + Management](/manuals/enterprise/security/hardened-desktop/image-access-management.md) + which lets admins control what content developers can access - [Registry Access - Management](/manuals/enterprise/security/hardened-desktop/registry-access-management.md) - which lets admins control what registries developers can access + Management](/manuals/enterprise/security/hardened-desktop/registry-access-management.md) + which lets admins control what registries developers can access - [Company layer](/admin/company/) to manage multiple organizations and settings - [Single sign-on](/security/for-admins/single-sign-on/) - [System for Cross-domain Identity - Management](/security/for-admins/provisioning/scim/) + Management](/security/for-admins/provisioning/scim/) For a list of features available in each tier, see [Docker Pricing](https://www.docker.com/pricing/). @@ -134,6 +134,7 @@ repetitive tasks and empowers developers to spend more time creating value for their customers. Legacy Docker Pro includes: + - Unlimited public repositories - Unlimited [Scoped Access Tokens](/security/access-tokens/) - Unlimited [collaborators](/docker-hub/repos/manage/access/#collaborators) for public repositories at no cost per month. 
@@ -166,6 +167,7 @@ licensing for commercial use of Docker components including Docker Desktop and Docker Hub. Legacy Docker Team includes: + - Everything included in legacy Docker Pro - Unlimited teams - [Auto Builds](/docker-hub/builds/) with 15 concurrent builds @@ -198,6 +200,7 @@ initiatives. A Docker Business subscription includes licensing for commercial use of Docker components including Docker Desktop and Docker Hub. Legacy Docker Business includes: + - Everything included in legacy Docker Team - [Hardened Docker Desktop](/manuals/enterprise/security/hardened-desktop/_index.md) - [Image Access Management](/manuals/enterprise/security/hardened-desktop/image-access-management.md) which lets admins control what content developers can access @@ -273,8 +276,8 @@ For a list of features available in each tier, see [Docker Pricing](https://www. ## Legacy Docker Build Cloud subscriptions - This section describes the features available for the different legacy Docker - Build Cloud subscription tiers. +This section describes the features available for the different legacy Docker +Build Cloud subscription tiers. > [!IMPORTANT] 
> @@ -350,4 +353,16 @@ A dedicated Docker account manager handles setup and management for Docker Busin ## Support -All Docker Pro, Team, and Business subscribers receive email support for their subscriptions. \ No newline at end of file +All Docker Pro, Team, and Business subscribers receive email support for their subscriptions, including help with account management, billing, configuration, installation, and usage issues. + +Support response times and availability vary by subscription tier: + +- Docker Pro: 3 business day response +- Docker Team: 2 business day response, 24×5 availability +- Docker Business: 1 business day response, 24×5 availability + +Premium Support with faster response times and 24×7 availability is available as an add-on for Docker Business subscribers. + +For detailed support features and response times, see [Docker Pricing](https://www.docker.com/pricing/). + +All Docker users can also access community support through the [Docker Community Forums](https://forums.docker.com/) and [Docker Community Slack](https://dockr.ly/comm-slack).
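Review bot: In the SCIM migration hunk of scim.md, "Remove JIT-origin users" has admins delete members before "Verify SCIM re-provisioning" confirms they come back, and nothing in the steps says those users are without access in between, even though the validation list later asks to "Confirm repository access is restored". State that gap in the Important callout, and add a step to check each batch's assignment to the Docker application in the identity provider before removal, since the same section says unassigned users are not re-created by SCIM. The "Migration results" bullet "All users in your organization are SCIM-provisioned" is stronger than the procedure supports: the tip only finds users who were "likely provisioned via JIT", so either give a way to confirm provisioning origin per user or soften the bullet. Style: the new steps say "select the **Actions** menu" with an unbolded "SSO connections table" and 1./2./3. numbering, while the unchanged "To disable SCIM" steps say "**Actions** icon", bold **SSO connections**, and use 1./1. numbering; pick one form for the page.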
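Review bot: In the details.md hunk at @@ -96,22 +96,22, the re-indented SCIM continuation line still links to `/security/for-admins/provisioning/scim/`, and the Single sign-on bullet above it uses the same `/security/for-admins/` prefix, while the Hardened Docker Desktop, Image Access Management and Registry Access Management bullets in the same list, and the scim.md changes in this patch, link to `/manuals/enterprise/security/...` source paths. Since these lines are being touched anyway, consider moving the SSO and SCIM links to the same path style, or confirm the older-style paths are intentional. The RBAC link re-indented in the @@ -79,12 hunk (`/security/for-admins/roles-and-permissions/`) follows the same pattern.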
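Review bot: In the details.md Support hunk (@@ -350,4 +353,16), the Docker Pro bullet gives only "3 business day response" while the Team and Business bullets both state "24×5 availability", so a reader cannot tell what availability Pro has; add it or say explicitly that none is offered. The response times are written out here and the next paragraph then defers to Docker Pricing for "detailed support features and response times"; if the pricing page is the source of truth, hard-coded numbers in this file can drift, so consider a single shared include or a pointer only. The removed line carried "\ No newline at end of file"; check that the new final line ends with a newline.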